globaleaks / globaleaks-whistleblowing-software

GlobaLeaks is a free and open-source whistleblowing software enabling anyone to easily set up and maintain a secure reporting platform.
https://www.globaleaks.org

Automatic reply by the recipient on the comments section in a report #3831

Open angelosefs opened 1 year ago

angelosefs commented 1 year ago

Proposal

Add an automatic reply in the comments section of a new report as soon as the whistleblower submits the report.

Motivation and context

According to the law, the recipient should give an acknowledgment of receipt to the whistleblower within seven days.

Our client requests that we add an automatic reply in the comment section of the report as soon as the whistleblower submits the particular report to satisfy the above requirement.

There are various reasons that this feature will be very useful. One of them, which our client emphasizes, is that the receiver is only one person and he/she is often absent from work due to professional reasons. That makes it difficult to fulfill the above obligation of the law (acknowledgment of receipt within 7 days).

Also, what options does the platform provide us at the moment to somehow work around this obligation?

evilaliv3 commented 1 year ago

Thank you @angelosefs for your proposal.

This topic is quite discussed in the community.

  1. We do not consider that sending an automated message right away after the report is saved is an acknowledgment that the organization has taken in charge the handling of the report. If you consider so, please consider that such an automated message exists already when the platform confirms the reception of the report, confirming that the report was saved and giving the code to access. Many in the community consider that this is enough as acknowledgment within the 7 days.
  2. We are considering adding more automated messages to communicate to the whistleblower that the report was opened by a recipient, and this aspect is already briefly communicated by the system that changes the status of the report to "opened" as soon as the recipient has "opened" it. If the recipient does open the report in time for the 7 days, the notice of change of status is in our opinion enough to communicate that the recipient has taken in charge the report.

cc @giorgiofraschini @javialama @gianlucagilardi

gianlucagilardi commented 1 year ago

Well, from my perspective I totally agree with you that the key code provided to the whistleblower is already (also) a receipt. Since the law does not provide for specific mandatory content of such receipt, given that the key code is generated only when the report has been received in the system and the fact IIRC that the very wording of the page showing the key code defines it as a receipt should be enough. I am personally not a great fan of automated/canned messages as in my view they might create a false sense of security in recipients ("heck, there is the automated message anyway, who cares!").

giorgiofraschini commented 1 year ago

I agree with @evilaliv3. The rationale of the EU Directive is that there is an actual taken in charge of the report. Any automatic reply does not respect that. The Directive wants the whistleblowers to understand that they are not ignored, that their claim is taken care of seriously. I am strongly against any automatic reply. Moreover, GlobaLeaks is a software which can be perceived as cold, as a machine: we need to make whistleblowers understand that there is a human being as recipient. If we want to keep it formal, I agree with @gianlucagilardi as well that the keycode is a receipt already.

I know there is the problem related to the recipient on vacation, not able to reply within 7 days. I believe that in these cases (once, twice a year), they should insert a line in the platform or in the organisation website, specifying that for the following weeks the first response could be a little late. I am sure no sanction will ever be issued in cases like this.

JaviAlama commented 1 year ago

I agree with all the above comments, I would summarise them as follows:

Automatic acknowledgement of receipt -> The law aims to build trust with the complainant. An automatic acknowledgement means that the complaint has been automatically registered or received, but not actually opened or read.

Manual acknowledgement of receipt -> All complaints must be read and treated equally upon receipt (to be defined by each individual entity). In our case, after opening an electronic file for each complaint, we generate the acknowledgement of receipt incorporating information on the file assigned to the complaint. This document is drafted manually and signed electronically and made available to the complainant through the complaints mailbox.

In my view, the acknowledgement of receipt requires manual participation. This manual involvement is the best response to the whistleblower. In case of holidays or absence for more than 7 days, you should indicate this in a notice in the mailbox.

The more information we give to the whistleblowers, the more confidence they will have in reporting problems to us.

danielvaknine commented 11 months ago

We also agree with the above – both from a legal and a whistleblower perspective. The answer should not be automatic.

In the case of your client, they shouldn't have only that one person receiving cases, but preferably multiple (to also ensure independent handling of the report).